alera.in Open in urlscan Pro
162.241.169.247 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://s3.ap-southeast-2.amazonaws.com/au889279094/office365.html
Effective URL:
https://alera.in/wp-admin/includes/wp/office/login/
Submission: On October 12 via manual (October 12th 2022, 9:06:04 pm UTC) from US — Scanned from AU

Summary HTTP 23 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 23 HTTP transactions. The main IP is 162.241.169.247, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is alera.in.
TLS certificate: Issued by R3 on September 22nd 2022. Valid for: 3 months.

This is the only time alera.in was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
1	52.95.128.231 52.95.128.231	16509 (AMAZON-02) (AMAZON-02)
8	162.241.169.247 162.241.169.247	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
13	152.199.39.108 152.199.39.108	15133 (EDGECAST) (EDGECAST)
1	20.72.243.62 20.72.243.62	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
23	4

1 52.95.128.231 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: s3-ap-southeast-2.amazonaws.com

s3.ap-southeast-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 162.241.169.247 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-241-169-247.unifiedlayer.com

alera.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 152.199.39.108 (United States)

ASN15133 (EDGECAST, US)

acctcdn.msftauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.72.243.62 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

fpt.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	msftauth.net acctcdn.msftauth.net — Cisco Umbrella Rank: 5828	188 KB
8	alera.in alera.in	61 KB
1	live.com fpt.live.com — Cisco Umbrella Rank: 66819	67 B
1	amazonaws.com s3.ap-southeast-2.amazonaws.com — Cisco Umbrella Rank: 50776	562 B
23	4

	Domain	Requested by
13	acctcdn.msftauth.net	alera.in
8	alera.in	alera.in
1	fpt.live.com	alera.in
1	s3.ap-southeast-2.amazonaws.com
23	4

This site contains links to these domains. Also see Links.

Domain
login.live.com
www.microsoft.com
go.microsoft.com

Subject Issuer	Validity	Valid
*.s3-ap-southeast-2.amazonaws.com Amazon	`2021-12-15` - `2022-12-14`	a year	crt.sh
*.alera.in R3	`2022-09-22` - `2022-12-21`	3 months	crt.sh
identitycdn.msauth.net Microsoft Azure TLS Issuing CA 06	`2022-08-23` - `2023-08-18`	a year	crt.sh
fpt.microsoft.com Microsoft Azure TLS Issuing CA 06	`2022-07-31` - `2023-07-26`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://alera.in/wp-admin/includes/wp/office/login/
Frame ID: 5A1A34BAC4F1D9E4CAC65DD3E9D572EB
Requests: 22 HTTP requests in this frame

Frame: https://fpt.live.com/?session_id=c1341992303a47b49e90e621970e3a3d&CustomerId=33e01921-4d64-4f8c-a055-5bdaffd5e33d&PageId=SU&mkt=EN-US&ru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d4765445b-32c6-49b0-83e6-1d93765276ca%26scope%3dopenid%2bprofile%2bhttps%253a%252f%252fwww.office.com%252fv2%252fOfficeHome.All%26redirect_uri%3dhttps%253a%252f%252fwww.office.com%252flandingv2%26response_type%3dcode%2bid_token%26state%3dsGVQstCt4aHXnEyEMCwFlHPVOZqGHcXGZklLJ0OEAoKQ6RQdX3gJLDvsHEp8yIaA0bTN2wEMwhutG84PGP1k9btKBo1UIhUzNhqXXnSPZ3JJXs_ZAArmWcvjvizT_0QAD6ZaYeHu7oGBAJozbZNSbol4J5nRQrFV28ym8c-bkxUDNMh11D40tVwlHkeGgqqj6HWff0e2Oblj5e-7Y_MaC9Dnon2PQxVYNpq_7qyLmZpDimgwOqPctU5rNmUMsbrNtzkB2wupG9XKkXfn8HZ_UwxhrKE6v-BW-FYWnMeb15U%26response_mode%3dform_post%26nonce%3d638009296171484898.YmQwZmMzN2EtNWY3NS00NzI4LTliNjMtZmI0NTRjNTMwNzIwYzA0NmM2ZmMtMWJkOS00OWU1LTk1NTYtNGYwZDVjMTQ1NDFh%26x-client-SKU%3dID_NETSTANDARD2_0%26x-client-Ver%3d6.16.0.0%26msproxy%3d1%26issuer%3dmso%26tenant%3dcommon%26ui_locales%3den%26lw%3d1%26fl%3deasi2%26epct%3dAQABAAAAAAD--DLA3VO7QrddgJg7WevrrBD3Gbd6mDmKyRwIZ15s7Vva8qLzjOO1ujbWk1QkfZnAE8Ta5zU8Cps-bF5UVwIlFS3KrXQjRsI-6zPmXOY2MAcsCcK0o0hzNz2BQ7h0_FQCgh0K_lj_PguIFqOSdx4NczNwsWesnyZ8WhRMr5Tj0ld1uERxc3kLMrXcwgPmRFuYfHJ-F52vvUCGfsAB14jw0rO-SOS99bXBsOgzS7r3hCAA%26jshs%3d0%26mkt%3dEN-US%26uaid%3dc1341992303a47b49e90e621970e3a3d%26contextid%3d980CEEF437F2391B%26mssupv%3d1
Frame ID: 80DC1F0EE1E8575B5F11F8C61DD2AE1E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login

Page URL History Show full URLs

https://s3.ap-southeast-2.amazonaws.com/au889279094/office365.html Page URL
https://alera.in/wp-admin/includes/wp/office/login/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

23
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

250 kB
Transfer

794 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://login.live.com/oauth20_authorize.srf?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&scope=openid+profile+https%3a%2f%2fwww.office.com%2fv2%2fOfficeHome.All&redirect_uri=https%3a%2f%2fwww.office.com%2flandingv2&response_type=code+id_token&state=sGVQstCt4aHXnEyEMCwFlHPVOZqGHcXGZklLJ0OEAoKQ6RQdX3gJLDvsHEp8yIaA0bTN2wEMwhutG84PGP1k9btKBo1UIhUzNhqXXnSPZ3JJXs_ZAArmWcvjvizT_0QAD6ZaYeHu7oGBAJozbZNSbol4J5nRQrFV28ym8c-bkxUDNMh11D40tVwlHkeGgqqj6HWff0e2Oblj5e-7Y_MaC9Dnon2PQxVYNpq_7qyLmZpDimgwOqPctU5rNmUMsbrNtzkB2wupG9XKkXfn8HZ_UwxhrKE6v-BW-FYWnMeb15U&response_mode=form_post&nonce=638009296171484898.YmQwZmMzN2EtNWY3NS00NzI4LTliNjMtZmI0NTRjNTMwNzIwYzA0NmM2ZmMtMWJkOS00OWU1LTk1NTYtNGYwZDVjMTQ1NDFh&x-client-SKU=ID_NETSTANDARD2_0&x-client-Ver=6.16.0.0&uaid=c1341992303a47b49e90e621970e3a3d&msproxy=1&issuer=mso&tenant=common&ui_locales=en&signup=1&lw=1&fl=easi2&epct=AQABAAAAAAD--DLA3VO7QrddgJg7Wevr20_FWBGAdbRmGkT-fyQDGGlk3C0dXxLmPZDxfmAchRuTVdJ5T425gKoz4UsgxJTWPGzZSrbQg1-krtDqJ6-r18xSvMs1_KaEI7L6r3zntQB8zlT1yPyNddmcd9raT0yP_KWbK1LiafhTUun0l1dTjjFZRg78JXxogZFoFi9BW4BfQUUBuHAIYTnQ-mj0f0JBsB768ZRMdKXJM6TrYSTzUyAA&jshs=0
Title: Create one!

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/servicesagreement/default.aspx
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://go.microsoft.com/fwlink/?LinkID=521839
Title: Privacy & Cookies

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://s3.ap-southeast-2.amazonaws.com/au889279094/office365.html Page URL
https://alera.in/wp-admin/includes/wp/office/login/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	office365.html Show response s3.ap-southeast-2.amazonaws.com/au889279094/	206 B 562 B	334ms 126ms	Document text/html	52.95.128.231 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s3.ap-southeast-2.amazonaws.com/au889279094/office365.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.95.128.231 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS s3-ap-southeast-2.amazonaws.com Software AmazonS3 / Resource Hash `6f431bea009c0266d9648f9c8b845bacbbbf4abc0d9d885c2045f474f181e502` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers Accept-Ranges bytes Content-Length 206 Content-Type text/html Date Wed, 12 Oct 2022 21:05:59 GMT ETag "c6f4ff4dc510c6c7cf1a884f7dc31ea9" Last-Modified Tue, 11 Oct 2022 21:33:36 GMT Server AmazonS3 x-amz-id-2 AGzPA6oM9ZOCasi1JyDSm9Pr7FNvW95+g3XetN6evaNgKTIyxk4/zL+khWI5QUnra0l5pd5m5YQ= x-amz-request-id 8GYBQHDN6V3XRXAF
GET H2	200	Primary Request / Show response alera.in/wp-admin/includes/wp/office/login/	170 KB 61 KB	1232ms 312ms	Document text/html	162.241.169.247 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://alera.in/wp-admin/includes/wp/office/login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.241.169.247 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-241-169-247.unifiedlayer.com Software Apache / WP Rocket/3.10.2 Resource Hash `8b5644f2894235ecf00578a01be552a541c3778b0af55e6a724ea52bf95b4460` Request headers Referer https://s3.ap-southeast-2.amazonaws.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers accept-ranges bytes cache-control max-age=0, public content-encoding gzip content-type text/html; charset=UTF-8 date Wed, 12 Oct 2022 21:06:00 GMT expires Wed, 12 Oct 2022 21:06:00 GMT server Apache vary Accept-Encoding x-powered-by WP Rocket/3.10.2
GET H2	200	converged_ux_v2_K7ehqpswU38q5dsLvSJA0g2.css acctcdn.msftauth.net/	93 KB 18 KB	442ms 102ms	Stylesheet text/css	152.199.39.108 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://acctcdn.msftauth.net/converged_ux_v2_K7ehqpswU38q5dsLvSJA0g2.css?v=1 Requested by Host: alera.in URL: https://alera.in/wp-admin/includes/wp/office/login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.39.108 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (nwa/E7A1) / Resource Hash `33db759081709f1678c1ef6c31995313263764e1a977bba8e4f3f660ad5d8c4e` Request headers Referer https://alera.in/ Origin https://alera.in accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 12 Oct 2022 21:06:01 GMT content-encoding gzip content-md5 RzGuzsIp5th0V8uVYLjPFA== age 2595838 x-cache HIT content-length 17641 x-ms-lease-status unlocked last-modified Mon, 12 Sep 2022 05:11:14 GMT server ECAcc (nwa/E7A1) etag 0x8DA947D3731EFEE vary Accept-Encoding content-type text/css access-control-allow-origin * x-ms-request-id e4391a5d-a01e-0096-1fe2-c67f29000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	jqueryshim_hlu0tTfjWJFWYNt1WZrVqg2.js Show response acctcdn.msftauth.net/	22 KB 6 KB	442ms 103ms	Script application/javascript	152.199.39.108 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://acctcdn.msftauth.net/jqueryshim_hlu0tTfjWJFWYNt1WZrVqg2.js?v=1 Requested by Host: alera.in URL: https://alera.in/wp-admin/includes/wp/office/login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.39.108 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (nwa/E79F) / Resource Hash `6475d6174947ecc39ac5182a69bd78193a13af57b3a53c1d2c34836e85f4d0bd` Request headers Referer https://alera.in/ Origin https://alera.in accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 12 Oct 2022 21:06:01 GMT content-encoding gzip content-md5 tZ45+ZIcr8oUnrloW1H2Vg== age 16407707 x-cache HIT content-length 5564 x-ms-lease-status unlocked last-modified Tue, 05 Apr 2022 05:11:40 GMT server ECAcc (nwa/E79F) etag 0x8DA16C2C4E3322D vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id e7df5a40-d01e-0043-3644-49d147000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	knockout_3.3.0_X1BYS2jZMbi7hfUj8VuqFA2.js Show response acctcdn.msftauth.net/	78 KB 28 KB	442ms 104ms	Script application/javascript	152.199.39.108 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://acctcdn.msftauth.net/knockout_3.3.0_X1BYS2jZMbi7hfUj8VuqFA2.js?v=1 Requested by Host: alera.in URL: https://alera.in/wp-admin/includes/wp/office/login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.39.108 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (nwa/E79F) / Resource Hash `3c829dcf48768082a6177b77ae4e499337ed4c8bd056705cdb1e979f7b6efce5` Request headers Referer https://alera.in/ Origin https://alera.in accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 12 Oct 2022 21:06:01 GMT content-encoding gzip content-md5 o3vbuPQYpAFMmawTk+WKWA== age 19365197 x-cache HIT content-length 28582 x-ms-lease-status unlocked last-modified Tue, 01 Mar 2022 21:46:49 GMT server ECAcc (nwa/E79F) etag 0x8D9FBCCFD795C20 vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id 062d906e-b01e-0074-085e-2e08f2000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	lwsignupstringscountrybirthdate_en-us_Hu9XQvsxbdtI5Cn8ywiXCA2.js Show response acctcdn.msftauth.net/	25 KB 7 KB	442ms 104ms	Script application/javascript	152.199.39.108 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://acctcdn.msftauth.net/lwsignupstringscountrybirthdate_en-us_Hu9XQvsxbdtI5Cn8ywiXCA2.js?v=1 Requested by Host: alera.in URL: https://alera.in/wp-admin/includes/wp/office/login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.39.108 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (nwa/E79E) / Resource Hash `dc0924a4eb17e28bd545fea90e234644470649cb538e22c7fbc66081ac36a56a` Request headers Referer https://alera.in/ Origin https://alera.in accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 12 Oct 2022 21:06:01 GMT content-encoding gzip content-md5 +v9Yu4dBC40sInjoTPM11Q== age 11410689 x-cache HIT content-length 7006 x-ms-lease-status unlocked last-modified Thu, 02 Jun 2022 05:21:25 GMT server ECAcc (nwa/E79E) etag 0x8DA4457BD041AC2 vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id 08f4b95a-501e-0089-12b6-76ffe2000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	lightweightsignuppackage_7MUFZSQjQ3HhXJmM1cidfQ2.js Show response acctcdn.msftauth.net/	197 KB 50 KB	542ms 204ms	Script application/javascript	152.199.39.108 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://acctcdn.msftauth.net/lightweightsignuppackage_7MUFZSQjQ3HhXJmM1cidfQ2.js?v=1 Requested by Host: alera.in URL: https://alera.in/wp-admin/includes/wp/office/login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.39.108 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (nwa/E7BD) / Resource Hash `4c0dbcb746bd0c98361820651c1f2893c8b38fbcbd54bb72e14eca923aedfb0c` Request headers Referer https://alera.in/ Origin https://alera.in accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 12 Oct 2022 21:06:01 GMT content-encoding gzip content-md5 QXGLfu/v6bR1XjKWFeTb4Q== age 1880351 x-cache HIT content-length 51354 x-ms-lease-status unlocked last-modified Tue, 20 Sep 2022 06:32:51 GMT server ECAcc (nwa/E7BD) etag 0x8DA9AD1F16726FE vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id eca3a7be-801e-004b-6964-cdf668000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	datarequestpackage_h-_7C7UzwdefXJT9njDBTQ2.js Show response acctcdn.msftauth.net/	8 KB 4 KB	638ms 301ms	Script application/javascript	152.199.39.108 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://acctcdn.msftauth.net/datarequestpackage_h-_7C7UzwdefXJT9njDBTQ2.js Requested by Host: alera.in URL: https://alera.in/wp-admin/includes/wp/office/login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.39.108 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (nwa/E79A) / Resource Hash `617e32ca57507098771fd30af6b9dcab063448f6d7e0bc6d6557dd1895f80543` Request headers Referer https://alera.in/ Origin https://alera.in accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 12 Oct 2022 21:06:01 GMT content-encoding gzip content-md5 GpB463eVzCq5vobQLSGoUw== age 31456799 x-cache HIT content-length 3505 x-ms-lease-status unlocked last-modified Wed, 13 Oct 2021 10:21:07 GMT server ECAcc (nwa/E79A) etag 0x8D98E332B5ACF97 vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id d1fefb99-a01e-0059-3f65-c0442d000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	microsoft_logo_7lyNn7YkjJOP0NwZNw6QvQ2.svg acctcdn.msftauth.net/images/	4 KB 2 KB	401ms 103ms	Image image/svg+xml	152.199.39.108 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://acctcdn.msftauth.net/images/microsoft_logo_7lyNn7YkjJOP0NwZNw6QvQ2.svg Requested by Host: alera.in URL: https://alera.in/wp-admin/includes/wp/office/login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.39.108 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (nwa/E7A6) / Resource Hash `04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a` Request headers accept-language en-AU,en;q=0.9 Referer https://alera.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 12 Oct 2022 21:06:01 GMT content-encoding gzip content-md5 nzaLxFgP7ZB3dfMcaybWzw== age 17523826 x-cache HIT content-length 1435 x-ms-lease-status unlocked last-modified Wed, 23 Mar 2022 05:06:05 GMT server ECAcc (nwa/E7A6) etag 0x8DA0C8AD577600A vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id dfc14c03-101e-0042-301d-3f2f4a000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	dropdown_caret_KXSZjGsyILZaoTf0sI9X-A2.svg acctcdn.msftauth.net/images/	224 B 331 B	498ms 201ms	Image image/svg+xml	152.199.39.108 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://acctcdn.msftauth.net/images/dropdown_caret_KXSZjGsyILZaoTf0sI9X-A2.svg Requested by Host: alera.in URL: https://alera.in/wp-admin/includes/wp/office/login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.39.108 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (nwa/E7AB) / Resource Hash `96d52bd03e244a44931a541a807067792d638dd29ec14a87a78f2be85d12d19a` Request headers accept-language en-AU,en;q=0.9 Referer https://alera.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 12 Oct 2022 21:06:01 GMT content-encoding gzip content-md5 5h8LmH5/oEhH5cNR2+nY3g== age 2776792 x-cache HIT content-length 179 x-ms-lease-status unlocked last-modified Sat, 10 Sep 2022 05:36:36 GMT server ECAcc (nwa/E7AB) etag 0x8DA92EE6D6804B0 vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id 173b5884-201e-0095-203d-c58c49000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	oneds_CBxZrnSxLbjHuOGn7pHqpg2.js Show response acctcdn.msftauth.net/	82 KB 32 KB	406ms 102ms	Script application/javascript	152.199.39.108 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://acctcdn.msftauth.net/oneds_CBxZrnSxLbjHuOGn7pHqpg2.js?v=1 Requested by Host: alera.in URL: https://alera.in/wp-admin/includes/wp/office/login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.39.108 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (nwa/E79C) / Resource Hash `93ab478d7a7a79e7723b0d968b7a98230c8f991bd4e2cea5798e23dfca7280e3` Request headers accept-language en-AU,en;q=0.9 Referer https://alera.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 12 Oct 2022 21:06:01 GMT content-encoding gzip content-md5 TG9uHzngBH/n/rWU7NJ5sA== age 13304878 x-cache HIT content-length 31830 x-ms-lease-status unlocked last-modified Wed, 11 May 2022 05:17:32 GMT server ECAcc (nwa/E79C) etag 0x8DA330D8D7CC074 vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id 200804fc-201e-005c-1e7c-65518c000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	404	microsoft_logo_7lyNn7YkjJOP0NwZNw6QvQ2.svg alera.in/Resources/images/	0 0	388ms 388ms	Other text/html	162.241.169.247 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://alera.in/Resources/images/microsoft_logo_7lyNn7YkjJOP0NwZNw6QvQ2.svg Requested by Host: alera.in URL: https://alera.in/wp-admin/includes/wp/office/login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.241.169.247 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-241-169-247.unifiedlayer.com Software Apache / Resource Hash Request headers accept-language en-AU,en;q=0.9 Referer https://alera.in/wp-admin/includes/wp/office/login/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Wed, 12 Oct 2022 21:06:01 GMT server Apache vary Accept-Encoding content-type text/html; charset=UTF-8 cache-control no-cache, must-revalidate, max-age=0 link <https://alera.in/wp-json/>; rel="https://api.w.org/" content-length 0 expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	404	favicon.ico alera.in/Resources/images/	0 0	381ms 380ms	Other text/html	162.241.169.247 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://alera.in/Resources/images/favicon.ico Requested by Host: alera.in URL: https://alera.in/wp-admin/includes/wp/office/login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.241.169.247 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-241-169-247.unifiedlayer.com Software Apache / Resource Hash Request headers accept-language en-AU,en;q=0.9 Referer https://alera.in/wp-admin/includes/wp/office/login/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Wed, 12 Oct 2022 21:06:01 GMT server Apache vary Accept-Encoding content-type text/html; charset=UTF-8 cache-control no-cache, must-revalidate, max-age=0 link <https://alera.in/wp-json/>; rel="https://api.w.org/" content-length 0 expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	404	2_vD0yppaJX3jBnfbHF1hqXQ2.svg alera.in/Resources/images/	0 0	382ms 381ms	Other text/html	162.241.169.247 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://alera.in/Resources/images/2_vD0yppaJX3jBnfbHF1hqXQ2.svg Requested by Host: alera.in URL: https://alera.in/wp-admin/includes/wp/office/login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.241.169.247 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-241-169-247.unifiedlayer.com Software Apache / Resource Hash Request headers accept-language en-AU,en;q=0.9 Referer https://alera.in/wp-admin/includes/wp/office/login/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Wed, 12 Oct 2022 21:06:01 GMT server Apache vary Accept-Encoding content-type text/html; charset=UTF-8 cache-control no-cache, must-revalidate, max-age=0 link <https://alera.in/wp-json/>; rel="https://api.w.org/" content-length 0 expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	2_vD0yppaJX3jBnfbHF1hqXQ2.svg acctcdn.msftauth.net/images/	2 KB 838 B	397ms 103ms	Image image/svg+xml	152.199.39.108 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://acctcdn.msftauth.net/images/2_vD0yppaJX3jBnfbHF1hqXQ2.svg Requested by Host: alera.in URL: https://alera.in/wp-admin/includes/wp/office/login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.39.108 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (nwa/E7A5) / Resource Hash `0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68` Request headers accept-language en-AU,en;q=0.9 Referer https://alera.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 12 Oct 2022 21:06:01 GMT content-encoding gzip content-md5 DhdidjYrlCeaRJJRG/y9mA== age 18086689 x-cache HIT content-length 673 x-ms-lease-status unlocked last-modified Thu, 17 Mar 2022 05:16:29 GMT server ECAcc (nwa/E7A5) etag 0x8DA07D54AC9C4AC vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id 6e273d82-401e-002e-07ff-39613a000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	/ Show response fpt.live.com/ Frame 80DC	0 67 B	813ms 267ms	Document text/plain	20.72.243.62 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://fpt.live.com/?session_id=c1341992303a47b49e90e621970e3a3d&CustomerId=33e01921-4d64-4f8c-a055-5bdaffd5e33d&PageId=SU&mkt=EN-US&ru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d4765445b-32c6-49b0-83e6-1d93765276ca%26scope%3dopenid%2bprofile%2bhttps%253a%252f%252fwww.office.com%252fv2%252fOfficeHome.All%26redirect_uri%3dhttps%253a%252f%252fwww.office.com%252flandingv2%26response_type%3dcode%2bid_token%26state%3dsGVQstCt4aHXnEyEMCwFlHPVOZqGHcXGZklLJ0OEAoKQ6RQdX3gJLDvsHEp8yIaA0bTN2wEMwhutG84PGP1k9btKBo1UIhUzNhqXXnSPZ3JJXs_ZAArmWcvjvizT_0QAD6ZaYeHu7oGBAJozbZNSbol4J5nRQrFV28ym8c-bkxUDNMh11D40tVwlHkeGgqqj6HWff0e2Oblj5e-7Y_MaC9Dnon2PQxVYNpq_7qyLmZpDimgwOqPctU5rNmUMsbrNtzkB2wupG9XKkXfn8HZ_UwxhrKE6v-BW-FYWnMeb15U%26response_mode%3dform_post%26nonce%3d638009296171484898.YmQwZmMzN2EtNWY3NS00NzI4LTliNjMtZmI0NTRjNTMwNzIwYzA0NmM2ZmMtMWJkOS00OWU1LTk1NTYtNGYwZDVjMTQ1NDFh%26x-client-SKU%3dID_NETSTANDARD2_0%26x-client-Ver%3d6.16.0.0%26msproxy%3d1%26issuer%3dmso%26tenant%3dcommon%26ui_locales%3den%26lw%3d1%26fl%3deasi2%26epct%3dAQABAAAAAAD--DLA3VO7QrddgJg7WevrrBD3Gbd6mDmKyRwIZ15s7Vva8qLzjOO1ujbWk1QkfZnAE8Ta5zU8Cps-bF5UVwIlFS3KrXQjRsI-6zPmXOY2MAcsCcK0o0hzNz2BQ7h0_FQCgh0K_lj_PguIFqOSdx4NczNwsWesnyZ8WhRMr5Tj0ld1uERxc3kLMrXcwgPmRFuYfHJ-F52vvUCGfsAB14jw0rO-SOS99bXBsOgzS7r3hCAA%26jshs%3d0%26mkt%3dEN-US%26uaid%3dc1341992303a47b49e90e621970e3a3d%26contextid%3d980CEEF437F2391B%26mssupv%3d1 Requested by Host: alera.in URL: https://alera.in/wp-admin/includes/wp/office/login/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.72.243.62 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-HTTPAPI/2.0 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://alera.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers content-length 0 date Wed, 12 Oct 2022 21:06:02 GMT server Microsoft-HTTPAPI/2.0
GET H2	200	jquerypackage_1.10_5V7LAuc3bNAQx2QQfr1RPw2.js Show response acctcdn.msftauth.net/	94 KB 33 KB	102ms 102ms	Script application/javascript	152.199.39.108 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://acctcdn.msftauth.net/jquerypackage_1.10_5V7LAuc3bNAQx2QQfr1RPw2.js?v=1 Requested by Host: alera.in URL: https://alera.in/wp-admin/includes/wp/office/login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.39.108 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (nwa/E7B3) / Resource Hash `5776881753b95a0abe5d1f6efe3abe7b83a3265eaccd117dd948e523c044600c` Request headers Referer https://alera.in/ Origin https://alera.in accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 12 Oct 2022 21:06:01 GMT content-encoding gzip content-md5 5RyE7AzzSmcE6j1LmNUdUQ== age 2776995 x-cache HIT content-length 33918 x-ms-lease-status unlocked last-modified Sat, 10 Sep 2022 05:36:53 GMT server ECAcc (nwa/E7B3) etag 0x8DA92EE77C37FE9 vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id 135d965b-401e-0085-033c-c53361000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	watson_DOaS_v-h3FCKtNPQv8zSLw2.js Show response acctcdn.msftauth.net/	10 KB 4 KB	102ms 102ms	Script application/javascript	152.199.39.108 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://acctcdn.msftauth.net/watson_DOaS_v-h3FCKtNPQv8zSLw2.js?v=1 Requested by Host: alera.in URL: https://alera.in/wp-admin/includes/wp/office/login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.39.108 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (nwa/E7B2) / Resource Hash `f96ff06de281bf6717aab053393d6ae269806ebf1130a4af94cab62191d0f921` Request headers Referer https://alera.in/ Origin https://alera.in accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 12 Oct 2022 21:06:02 GMT content-encoding gzip content-md5 zCQmD+i79pJJawzM/nhQbQ== age 9762199 x-cache HIT content-length 4374 x-ms-lease-status unlocked last-modified Mon, 20 Jun 2022 05:27:07 GMT server ECAcc (nwa/E7B2) etag 0x8DA527D849AE004 vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id 98cb264c-501e-0024-10b5-854b78000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
POST H2	404	Watson alera.in/handlers/	0 0	377ms 376ms	Fetch text/html	162.241.169.247 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://alera.in/handlers/Watson Requested by Host: alera.in URL: https://alera.in/wp-admin/includes/wp/office/login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.241.169.247 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-241-169-247.unifiedlayer.com Software Apache / Resource Hash Request headers uaid c1341992303a47b49e90e621970e3a3d x-ms-apiVersion 3 accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 canary xu1qL6j8rRugaLQqQTVPRGnb+ZijKPiglpBKDLmoVVl830e6gCu543AE4cz0a6VRUPSo7rbd+J7otRz2zyVhuHkrm6vkNMJJZGRg4Ns+/oYgKyne1XB2GRSb9iLap+A48Z+KtNNQw0Me0yQMw5pSYu2jn1LuDZQKfW/Oc+xIRO3dnNK6mGUEBp3ZfrZjm/PT//HSe4dIshAzz4+14fNt677AxfOGD8xzN06ZDipmL5rLb1Q1Burnwq86MpRYOkup:2:3c Content-Type application/json; charset=utf-8 hpgid 200225 Accept application/json tcxt lBBXB2KwkXdfHv5PrJhvU8PtPCrPGJWI/G+nCKvW1PWAciA344VMOpbrkyZ0uw9TlrzbAPBh6vqtiF+m9QCZ61FHv94YeqgwGHKtftT/LjmMBKQckWod8WPZvok0EK2OBzhGpfBCEpLbqzboc+nO25Gws2Veym7/TRn/SiFQCM8EiTx5d5Xzh0SHQFOLC3H+KF0wvUJEzxVq14rOanFRjnI5kkSBnZJfwdsFZMt33cJsF3uFbGrWZfpoaUygCtaLZL6/ioXFdPhkhCdIGZedS+QH2aFbRzFEoehH4+GqyzvfsnNG4Rw3g4nLRfPFcYYqcMfjoBzoUakptAZICEXVa5tWw92C1qXayn/7ipcS400M620CkywXjdnCLFl0H2vXXE4hy4Vs/ZvrfZ5W3JzQcJlAlqgQ+HrNT2Frf2gAcxZyuXZxynjGwHDVCYjkLuCr/9b0OA0PP94bni5x527rNcd4jZTAGPEtGLPNKTkzuK/AOoRSlJcYXvgu7TsUpBCPNYO8WlYOEWxhRMX3J/dMWyf5iW7/CphY/GFfqGuzpvQ=:2:3 Referer https://alera.in/wp-admin/includes/wp/office/login/ x-ms-apiTransport fetch Response headers date Wed, 12 Oct 2022 21:06:02 GMT server Apache vary Accept-Encoding content-type text/html; charset=UTF-8 cache-control no-cache, must-revalidate, max-age=0 link <https://alera.in/wp-json/>; rel="https://api.w.org/" content-length 0 expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	404	microsoft_logo_7lyNn7YkjJOP0NwZNw6QvQ2.svg alera.in/Resources/images/	0 0	357ms 356ms	Other text/html	162.241.169.247 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://alera.in/Resources/images/microsoft_logo_7lyNn7YkjJOP0NwZNw6QvQ2.svg Requested by Host: alera.in URL: https://alera.in/wp-admin/includes/wp/office/login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.241.169.247 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-241-169-247.unifiedlayer.com Software Apache / Resource Hash Request headers accept-language en-AU,en;q=0.9 Referer https://alera.in/wp-admin/includes/wp/office/login/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Wed, 12 Oct 2022 21:06:02 GMT server Apache vary Accept-Encoding content-type text/html; charset=UTF-8 cache-control no-cache, must-revalidate, max-age=0 link <https://alera.in/wp-json/>; rel="https://api.w.org/" content-length 0 expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	404	favicon.ico alera.in/Resources/images/	0 0	364ms 363ms	Other text/html	162.241.169.247 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://alera.in/Resources/images/favicon.ico Requested by Host: alera.in URL: https://alera.in/wp-admin/includes/wp/office/login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.241.169.247 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-241-169-247.unifiedlayer.com Software Apache / Resource Hash Request headers accept-language en-AU,en;q=0.9 Referer https://alera.in/wp-admin/includes/wp/office/login/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Wed, 12 Oct 2022 21:06:02 GMT server Apache vary Accept-Encoding content-type text/html; charset=UTF-8 cache-control no-cache, must-revalidate, max-age=0 link <https://alera.in/wp-json/>; rel="https://api.w.org/" content-length 0 expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	404	2_vD0yppaJX3jBnfbHF1hqXQ2.svg alera.in/Resources/images/	0 0	375ms 374ms	Other text/html	162.241.169.247 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://alera.in/Resources/images/2_vD0yppaJX3jBnfbHF1hqXQ2.svg Requested by Host: alera.in URL: https://alera.in/wp-admin/includes/wp/office/login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.241.169.247 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-241-169-247.unifiedlayer.com Software Apache / Resource Hash Request headers accept-language en-AU,en;q=0.9 Referer https://alera.in/wp-admin/includes/wp/office/login/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Wed, 12 Oct 2022 21:06:02 GMT server Apache vary Accept-Encoding content-type text/html; charset=UTF-8 cache-control no-cache, must-revalidate, max-age=0 link <https://alera.in/wp-json/>; rel="https://api.w.org/" content-length 0 expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	datarequestpackage_h-_7C7UzwdefXJT9njDBTQ2.js Show response acctcdn.msftauth.net/	8 KB 3 KB	101ms 101ms	Script application/javascript	152.199.39.108 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://acctcdn.msftauth.net/datarequestpackage_h-_7C7UzwdefXJT9njDBTQ2.js Requested by Host: alera.in URL: https://alera.in/wp-admin/includes/wp/office/login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.39.108 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (nwa/E79A) / Resource Hash `617e32ca57507098771fd30af6b9dcab063448f6d7e0bc6d6557dd1895f80543` Request headers Referer https://alera.in/ Origin https://alera.in accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 12 Oct 2022 21:06:02 GMT content-encoding gzip content-md5 GpB463eVzCq5vobQLSGoUw== age 31456800 x-cache HIT content-length 3505 x-ms-lease-status unlocked last-modified Wed, 13 Oct 2021 10:21:07 GMT server ECAcc (nwa/E79A) etag 0x8D98E332B5ACF97 vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id d1fefb99-a01e-0059-3f65-c0442d000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

125 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://alera.in/Resources/images/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://alera.in/Resources/images/2_vD0yppaJX3jBnfbHF1hqXQ2.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://alera.in/Resources/images/microsoft_logo_7lyNn7YkjJOP0NwZNw6QvQ2.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://alera.in/handlers/Watson Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://alera.in/Resources/images/microsoft_logo_7lyNn7YkjJOP0NwZNw6QvQ2.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://alera.in/Resources/images/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://alera.in/Resources/images/2_vD0yppaJX3jBnfbHF1hqXQ2.svg Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acctcdn.msftauth.net
alera.in
fpt.live.com
s3.ap-southeast-2.amazonaws.com
152.199.39.108
162.241.169.247
20.72.243.62
52.95.128.231
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
33db759081709f1678c1ef6c31995313263764e1a977bba8e4f3f660ad5d8c4e
3c829dcf48768082a6177b77ae4e499337ed4c8bd056705cdb1e979f7b6efce5
4c0dbcb746bd0c98361820651c1f2893c8b38fbcbd54bb72e14eca923aedfb0c
5776881753b95a0abe5d1f6efe3abe7b83a3265eaccd117dd948e523c044600c
617e32ca57507098771fd30af6b9dcab063448f6d7e0bc6d6557dd1895f80543
6475d6174947ecc39ac5182a69bd78193a13af57b3a53c1d2c34836e85f4d0bd
6f431bea009c0266d9648f9c8b845bacbbbf4abc0d9d885c2045f474f181e502
8b5644f2894235ecf00578a01be552a541c3778b0af55e6a724ea52bf95b4460
93ab478d7a7a79e7723b0d968b7a98230c8f991bd4e2cea5798e23dfca7280e3
96d52bd03e244a44931a541a807067792d638dd29ec14a87a78f2be85d12d19a
dc0924a4eb17e28bd545fea90e234644470649cb538e22c7fbc66081ac36a56a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f96ff06de281bf6717aab053393d6ae269806ebf1130a4af94cab62191d0f921

alera.in Open in urlscan Pro 162.241.169.247 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

100 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

250 kBTransfer

794 kBSize

0 Cookies

3 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

125 JavaScript Global Variables

0 Cookies

7 Console Messages

Indicators

alera.in Open in urlscan Pro
162.241.169.247 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

250 kB
Transfer

794 kB
Size

0
Cookies

23 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!